* NEWS: Note HTTP key fetching.

* README: Update version and note that HKP is no longer build in.

* configure.ac: Handle --disable-http and other code to properly build
gpgkeys_http.

ChangeLog

@@ -1,3 +1,12 @@
+2004-05-20  David Shaw  <dshaw@jabberwocky.com>
+
+	* NEWS: Note HTTP key fetching.
+
+	* README: Update version and note that HKP is no longer build in.
+
+	* configure.ac: Handle --disable-http and other code to properly
+	build gpgkeys_http.
+
 2004-05-19  David Shaw  <dshaw@jabberwocky.com>
 
 	* NEWS: Note the addition of preferred keyserver support,

NEWS

@@ -23,10 +23,17 @@ Noteworthy changes in version 1.3.6
       default), then the preferred keyserver is used when refreshing
       that key.
 
+    * Support for fetching keys via HTTP has been added.  This is
+      mainly useful for setting a preferred keyserver URL like
+      "http://www.jabberwocky.com/key.asc".
+
     * New --ask-cert-level/--no-ask-cert-level option to turn on and
       off the prompt for signature level when signing a key.  Defaults
       to off.
 
+    * New --gpgconf-list command for internal use by the gpgconf
+      utility from gnupg 1.9.x.
+
 
 Noteworthy changes in version 1.3.5 (2004-02-26)
 ------------------------------------------------

README

@@ -1,7 +1,7 @@
 
 		    GnuPG - The GNU Privacy Guard
 		   -------------------------------
-			    Version 1.3.5
+			    Version 1.3.6
 
 	    Copyright 1998, 1999, 2000, 2001, 2002, 2003,
 		 2004 Free Software Foundation, Inc.
@@ -524,14 +524,13 @@
      --disable-exec
                     Disable all remote program execution.  This
 		    disables photo ID viewing as well as all keyserver
-		    types aside from HKP.
+		    access.
 
      --disable-photo-viewers
                     Disable only photo ID viewing.
 
      --disable-keyserver-helpers
-                    Disable only keyserver helpers (not including
-		    HKP).
+                    Disable only keyserver helpers.
 
      --disable-keyserver-path
                     Disables the user's ability to use the exec-path

configure.ac

@@ -286,6 +286,12 @@ if test "$use_exec" = yes ; then
         try_hkp=$enableval, try_hkp=yes)
     AC_MSG_RESULT($try_hkp)
 
+    AC_MSG_CHECKING([whether HTTP key fetching support is requested])
+    AC_ARG_ENABLE(http,
+      AC_HELP_STRING([--disable-http],[disable HTTP key fetching interface]),
+        try_http=$enableval, try_http=yes)
+    AC_MSG_RESULT($try_http)
+
     AC_MSG_CHECKING([whether email keyserver support is requested])
     AC_ARG_ENABLE(mailto,
     [  --disable-mailto        disable email keyserver interface],
@@ -465,11 +471,15 @@ AM_CONDITIONAL(HAVE_DOSISH_SYSTEM, test "$have_dosish_system" = yes)
 AC_SUBST(MPI_OPT_FLAGS)
 GNUPG_SYS_SYMBOL_UNDERSCORE
 
-dnl This needs to go after AC_PROG_CC so that $EXEEXT is defined
-if test "$try_hkp" = yes ; then
+dnl These need to go after AC_PROG_CC so that $EXEEXT is defined
+if test x"$try_hkp" = xyes ; then
   AC_SUBST(GPGKEYS_HKP,"gpgkeys_hkp$EXEEXT")
 fi
 
+if test x"$try_http" = xyes ; then
+  AC_SUBST(GPGKEYS_HTTP,"gpgkeys_http$EXEEXT")
+fi
+
 dnl Must check for network library requirements before doing link tests
 dnl for ldap, for example. If ldap libs are static (or dynamic and without
 dnl ELF runtime link paths), then link will fail and LDAP support won't
@@ -483,10 +493,11 @@ AC_CHECK_FUNC(setsockopt, , AC_CHECK_LIB(socket, setsockopt,
 dnl Now try for the resolver functions so we can use DNS SRV
 
 AC_ARG_ENABLE(dns-srv,
-   AC_HELP_STRING([--disable-dns-srv],[disable the use of DNS SRV in HKP]),
+   AC_HELP_STRING([--disable-dns-srv],
+	[disable the use of DNS SRV in HKP and HTTP]),
    use_dns_srv=$enableval,use_dns_srv=yes)
 
-if test x"$try_hkp" = xyes && test x"$use_dns_srv" = xyes ; then
+if (test x"$try_hkp" = xyes || test x"$try_http" = xyes) && test x"$use_dns_srv" = xyes ; then
   _srv_save_libs=$LIBS
   LIBS=""
   # the double underscore thing is a glibc-ism?